OpenStack: An Overview

OpenStack is a continually evolving initiative to enable the deployment of cloud computing services using open source software. We’ll examine the most recent release of the platform, called Folsom, which adds two new modules for networking and block storage.

Back in July 2010, Rackspace Hosting and NASA jointly launched a new open-source cloud initiative known as OpenStack. The ultimate goal was to enable any organization to create and offer cloud computing services that run on standard hardware. Since that date, about six revisions of OpenStack have been released, and more than 150 companies have signed up to support the platform.

Simply put, OpenStack is a "cloud operating system" designed for the data center. What's more, OpenStack is also viewed as the kernel for cloud operations, on which vendors can build all sorts of software to run in the cloud.

In practice, OpenStack is a conglomeration of multiple open-source projects and consists of an ever-growing mountain of Apache 2 code. It follows a development ideology of divide-and-conquer, in which individual modules are built to create an overall IaaS platform. Until recently, OpenStack consisted of three modules: Nova, for compute; Swift, for object storage; and Glance, an image service module.

The latest release of OpenStack, which goes by the code name Folsom, adds two additional modules to the mix: Quantum and Cinder. Quantum adds network enhancements. It enables developers to build more complex and custom network interfaces using a feature-rich and extensible API for programmatically defining networks. That enables the creation of far richer network topologies, bringing a robustness to the network that did not exist previously in OpenStack. For example, developers can now define multitier applications and the subnets they're allocated. Quantum also allows for more advanced configurations at the back end by using plugins, such as Open vSwitch, or by implementing QoS and security functions.

Cinder is the OpenStack Block Storage project that was formerly known as nova-volume. This re-imagining of nova-volume separates the critical core functionality of block storage from the compute module of Nova. That means developers can realize faster development, quicker bug fixes and newer features to meet the demands of today's hosting requirements.

The Folsom release has more than 185 new features and enhancements, including support for Microsoft's hypervisor, Hyper-V, which was dropped in earlier releases. Folsom follows Essex, which was released in April 2012.

The addition of the Quantum and Cinder modules brings OpenStack to a total of seven core components: Object Storage, Image Service, Compute, Dashboard, Identity, Network and Block Storage. Here is a quick synopsis of each, with the module's code name in parentheses:

• Object Storage (Swift) allows you to store or retrieve files, but not mount directories like a file server. Several companies provide commercial storage services based on Swift. These include KT, Rackspace (from which Swift originated) and Internap. Swift is also used internally at many large companies to store their data.

• Image Service (Glance) provides a catalog and repository for virtual disk images. These disk images are most commonly used in OpenStack Compute. While this service is technically optional, any cloud of size will require it.

• Compute (Nova) provides virtual servers upon demand. Rackspace and HP provide commercial compute services built on Nova, and it is used internally at companies like Mercado Libre and NASA, where it originated.

• Dashboard (Horizon) is a modular, Web-based user interface for all the OpenStack services. With this Web GUI, you can perform most cloud operations, such as launching an instance, assigning IP addresses and setting access controls.

• Identity (Keystone) provides authentication and authorization for all the OpenStack services. It also provides a catalog of services within a particular OpenStack cloud.

• Network (Quantum) provides "network connectivity as a service" among interface devices managed by other OpenStack services (most likely Nova). The service works by allowing users to create their own networks and then attach interfaces to them. Quantum has a pluggable architecture to support many popular networking vendors and technologies. Quantum is new in the Folsom release.

• Block Storage (Cinder) provides persistent block storage to guest VMs. This project was born from code originally in Nova (the nova-volume service for those keeping score). Note that this is block storage (or volumes), not file systems like NFS or CIFS shares. Cinder is also new in the Folsom release.

Folsom is the sixth release of OpenStack in its two-plus-year history, and the development train keeps rolling. The OpenStack Foundation, a non-profit organization that was recently established to oversee OpenStack development, is gearing up for another release in six months, currently code-named Grizzly. The key developers on the Grizzly project come from Rackspace, SwiftStack, Nebula, VMware-owned Nicira, SolidFire and Red Hat.
